<?php

declare(strict_types=1);

namespace think\auth\struct;

use Lcobucci\JWT\Signer;
use Lcobucci\JWT\Signer\Rsa;
use Lcobucci\JWT\Signer\Key;
use Lcobucci\JWT\Signer\Hmac;
use Lcobucci\JWT\Signer\Hmac\Sha256;
use Lcobucci\JWT\Signer\Key\InMemory;
use Lcobucci\JWT\Signer\Key\LocalFileReference;
use think\exception\HttpException;

class TokenConfig
{
    protected string    $signerKey          = '';
    protected int       $notBefore          = 0;
    protected int       $expiresAt          = 3600;
    protected int       $refreshTtl         = 7200;
    protected string    $signer             = Sha256::class;
    protected string    $type               = 'Header|Post';
    protected int       $reloginCode        = 50002;
    protected int       $refreshCode        = 50001;
    protected string    $iss                = 'client.ThinkAuth';
    protected string    $aud                = 'server.ThinkAuth';
    protected bool      $automaticRenewal   = false;
    protected string    $aesKey             = 'sdiyhsakjgbksdfj';
    protected string    $publicKey          = '';
    protected string    $privateKey         = '';

    public function __construct(array $options)
    {
        if (!empty($options)) {
            foreach ($options as $key => $value) {
                $this->$key = $value;
            }
        }
    }

    public function getHamcKey(): Key
    {
        if (empty($this->signerKey)) {
            throw new HttpException( 500,'config signerKey required.');
        }

        return InMemory::base64Encoded($this->signerKey);
    }

    public function RSASigner(): bool
    {
        $signer = $this->getSigner();

        return $signer instanceof Rsa;
    }

    public function getSignerKey(): Key
    {
        $signer = $this->getSigner();

        if ($this->RSASigner()) {
            return $this->getPrivateKey();
        } else if ($signer instanceof Hmac) {
            return $this->getHamcKey();
        } else {
            throw new HttpException(500,'not support.');
        }
    }

    public function getAesKey(): string
    {
        return $this->aesKey;
    }

    public function getPublicKey(): Key
    {
        return LocalFileReference::file($this->publicKey);
    }

    public function getPrivateKey(): Key
    {
        return LocalFileReference::file($this->privateKey);
    }

    public function getExpires(): int
    {
        return $this->expiresAt;
    }

    public function getRefreshTTL(): int
    {
        return $this->refreshTtl;
    }

    public function getIss(): string
    {
        return $this->iss;
    }

    public function getAud(): string
    {
        return $this->aud;
    }

    public function getNotBefore(): int
    {
        return $this->notBefore;
    }

    public function getSigner(): Signer
    {
        return new $this->signer;
    }

    public function getReloginCode(): int
    {
        return $this->reloginCode;
    }

    public function getRefreshCode(): int
    {
        return $this->refreshCode;
    }

    public function getAutomaticRenewal(): bool
    {
        return $this->automaticRenewal;
    }

    public function getType(): string
    {
        return $this->type;
    }
}
